<?php
//Include our stuff
require('../backend/pure.class.php');
require('../geshi/geshi.php');
require('../backend/fetch.class.php');
require('../options.php');

//Set up pure
$_p=new pure('../');
$attachmentName=fetch::unescapePostVar($_GET['attach']);

//Check if the file exists
$file=$_p->get_attachment($attachmentName,'../'.UPLOAD_PATH);
if($file===false)
	echo('Attachment not found.');
elseif(PREVENT_ATTACHMENT_HOTLINKING && strpos(str_replace('www.','',$_SERVER['HTTP_REFERER']),str_replace('www.','',SITE_URL))!==0)
	echo('Attachment hotlinking has been disabled, you may only download this attachment from the <a href="'.SITE_URL.'">original site</a>.');
else {
	//Send our happy user his file
	header("Cache-Control: ");
	header("Pragma: ");
	header("Content-type: application/octet-stream");
	header("Content-Disposition: attachment; filename=\"" . $file['file_name'] . "\"");
	header("Content-length:".strlen($file['file_data']));
	echo($file['file_data']);
}
?>